CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

324 matches found

Snyk•added 2026/06/06 9:0 p.m.•7 views

Embedded Malicious Code

Overview gpsea is a Python package for finding genotype-phenotype associations. Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Shai-Hulud / Miasma software supply chain campaign, a large scale operation that ha...

9.8CVSS5.7AI score

Exploits0References2

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•6 views

Malicious code in @antv/l7-renderer (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References5

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•12 views

Malicious code in @antv/xflow-extension (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References5

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•10 views

Malicious code in @antv/g-plugin-svg-picker (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References4

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•9 views

Malicious code in @antv/dumi-theme-antv (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References5

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•12 views

Malicious code in @antv/f2-wordcloud (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References4

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•10 views

Malicious code in @antv/graphin-icons (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References5

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•9 views

Malicious code in @antv/chart-node-g6 (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References5

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•11 views

Malicious code in @antv/dw-util (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References4

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•11 views

Malicious code in @antv/f6-ui (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References5

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•8 views

Malicious code in @antv/g2plot-schemas (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References5

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•7 views

Malicious code in @antv/gi-sdk-app (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References4

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•11 views

Malicious code in @antv/g6-alipay (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References4

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•8 views

Malicious code in @antv/g2 (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References5

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•12 views

Malicious code in lint-md (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References5

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•8 views

Malicious code in jest-random-mock (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References5

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•7 views

Malicious code in limit-size (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References5

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•11 views

Malicious code in @antv/g6-cli (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References4

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•10 views

Malicious code in @antv/g-plugin-control (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References5

OSV•added 2026/05/19 12:0 a.m.•4 views

MAL-2026-4021 Malicious code in @antv/gpt-vis-ssr (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by